Should I block it?

Yes, 98% block recommendation.
Possible reasons:
Multiple malware detections
Performance resource utilization

VersionsAdditional versions

1.701.3.3014 7.75% 32.86% 33.74% 6.61% 14.19% 3.70% 0.09% 0.26% 0.79%

PE structurePE file structure

Show functions
Import table
RegSetValueExW, RegOpenKeyExW, RegQueryValueW, RegEnumKeyW, RegDeleteKeyW, RegOpenKeyW, CryptReleaseContext, CryptDestroyHash, CryptGetHashParam, CryptHashData, CryptCreateHash, CryptAcquireContextW, QueryServiceStatusEx, CloseServiceHandle, OpenServiceW, OpenSCManagerW, RegDeleteValueW, RegCreateKeyW, ConvertStringSecurityDescriptorToSecurityDescriptorW, RegCreateKeyExW, OpenThreadToken, DuplicateToken, CheckTokenMembership, IsValidSid, GetLengthSid, ConvertSidToStringSidW, LookupAccountNameW, CopySid, GetSidSubAuthority, InitializeSid, GetSidLengthRequired, AdjustTokenPrivileges, LookupPrivilegeValueW, OpenProcessToken, GetUserNameW, RegCloseKey, RegQueryValueExW, ControlService, CreateWellKnownSid, GetTokenInformation, RegFlushKey, RegEnumValueW, RegQueryInfoKeyW
InitCommonControlsEx, _TrackMouseEvent
CryptDecodeObject, CryptMsgClose, CertCloseStore, CertFreeCertificateContext, CryptProtectData, CertFindCertificateInStore, CryptMsgGetParam, CryptQueryObject, CryptUnprotectData, CertGetNameStringW
ScaleWindowExtEx, GetBkColor, GetTextColor, GetRgnBox, GetMapMode, GetStockObject, GetViewportExtEx, SetWindowExtEx, ScaleViewportExtEx, SetViewportExtEx, OffsetViewportOrgEx, SetViewportOrgEx, SelectObject, Escape, PtVisible, ExtTextOutW, TextOutW, SetBkMode, RestoreDC, SaveDC, SetBkColor, SetTextColor, GetClipBox, CreateBitmap, GetDeviceCaps, GetTextExtentPoint32W, DeleteDC, ExtSelectClipRgn, GetWindowExtEx, CreateFontIndirectW, CreateRectRgnIndirect, GetObjectW, DeleteObject, SetMapMode, RectVisible
CoCreateInstance, CoInitializeEx, CoTaskMemFree, CoUninitialize, CoTaskMemAlloc, CLSIDFromProgID, CLSIDFromString, CoGetClassObject, StgOpenStorageOnILockBytes, StgCreateDocfileOnILockBytes, CreateILockBytesOnHGlobal, CoRegisterMessageFilter, OleFlushClipboard, OleIsCurrentClipboard, CoRevokeClassObject, OleInitialize, CoFreeUnusedLibraries, CoInitializeSecurity, OleUninitialize
EnumProcesses, GetModuleBaseNameW, GetModuleFileNameExW, EnumProcessModules
ShellExecuteW, SHGetFolderPathW, SHCreateDirectoryExW, SHFileOperationW, SHAppBarMessage, Shell_NotifyIconW
PathStripToRootW, PathIsUNCW, PathFindFileNameW, PathFindExtensionW, SHDeleteKeyW
CharNextW, ReleaseCapture, SetCapture, GetSysColorBrush, DestroyMenu, GetDesktopWindow, CreateDialogIndirectParamW, GetNextDlgTabItem, EndDialog, EndPaint, BeginPaint, GetWindowDC, ReleaseDC, GetDC, GrayStringW, DrawTextExW, DrawTextW, TabbedTextOutW, RegisterWindowMessageW, SendDlgItemMessageA, WinHelpW, IsChild, GetCapture, GetClassLongW, GetClassNameW, SetPropW, GetPropW, RemovePropW, GetTopWindow, DestroyWindow, GetMessageTime, GetMessagePos, MapWindowPoints, TrackPopupMenu, SetMenu, ShowScrollBar, CreateWindowExW, GetClassInfoExW, GetClassInfoW, RegisterClassW, GetSysColor, AdjustWindowRectEx, ScreenToClient, EqualRect, DefWindowProcW, CallWindowProcW, CopyRect, PtInRect, GetMenu, PostThreadMessageW, IntersectRect, SystemParametersInfoA, GetWindowPlacement, GetLastActivePopup, SetMenuItemBitmaps, GetMenuCheckMarkDimensions, LoadBitmapW, EnableMenuItem, InvalidateRgn, GetWindowTextLengthW, SetFocus, IsWindowEnabled, MoveWindow, SetWindowLongW, GetDlgCtrlID, SetWindowTextW, GetWindowLongW, IsDialogMessageW, SetDlgItemTextW, SendDlgItemMessageW, GetDlgItem, CharUpperW, UnhookWindowsHookEx, SetWindowsHookExW, CallNextHookEx, GetMessageW, TranslateMessage, DispatchMessageW, GetKeyState, ValidateRect, GetWindow, SetWindowContextHelpId, MapDialogRect, SetWindowPos, PostQuitMessage, GetMenuState, GetMenuStringW, ExitWindowsEx, EnumWindows, GetWindowTextW, IsWindowVisible, GetWindowThreadProcessId, FindWindowExW, SystemParametersInfoW, SetActiveWindow, DrawAnimatedRects, SetMenuDefaultItem, ModifyMenuW, GetMenuItemID, GetMenuItemCount, GetSubMenu, ClientToScreen, GetCursorPos, LoadMenuW, GetActiveWindow, DrawIcon, GetClientRect, RegisterClipboardFormatW, GetSystemMetrics, IsIconic, PeekMessageW, UnregisterClassW, MessageBeep, OffsetRect, GetNextDlgGroupItem, KillTimer, GetFocus, UpdateWindow, IsWindow, SetTimer, SetCursor, DrawFocusRect, InflateRect, SetRectEmpty, SendMessageW, GetWindowRect, GetParent, LoadCursorW, EnableWindow, GetForegroundWindow, PostMessageW, LoadIconW, SetForegroundWindow, MessageBoxW, InvalidateRect, SetRect, IsRectEmpty, CheckMenuItem, CopyAcceleratorTableW, ShowWindow
VerQueryValueW, GetFileVersionInfoA, VerQueryValueA, GetFileVersionInfoSizeW, GetFileVersionInfoSizeA, GetFileVersionInfoW
DocumentPropertiesW, OpenPrinterW, ClosePrinter


Adobe Reader and Acrobat Manager by Adobe Systems (Signed)

Remove AdobeARM.exe
MD5:   6a8b5c84f2e4935df5afca6800a0fae1
SHA1:   2d8291816b03dec97eeb18214463ccc5c0ab19e3
SHA256:   9a6902cfa8e0895ce7db8d3e1b09df5c342950c0e7c4df65c18cc59470c6f599
Warning 29 antivirus scanners has detected malware.

What is AdobeARM.exe?

AdobeARM.exe is a part of new Adobe Acrobat\Reader updater. The Updater is responsible for checking for, downloading, and launching the update installer for Reader or Acrobat. The Updater primarily keeps itself up to date and downloads and extracts needed files. It does not actually install anything, as that job is handled by a separate installer. Update preferences controlled at the registry level. Log settings controlled at the registry level; log name and location is different. Checks for upd

About AdobeARM.exe (from Adobe Systems)

Adobe Reader software is the global standard for electronic document sharing. It is the only PDF file viewer that can open and interact with all PDF documents. Use Adobe Reader to view, search, digita


File name:AdobeARM.exe
Publisher:Adobe Systems Incorporated
Product name:Adobe Reader and Acrobat Manager
Typical file path:C:\Program Files\common files\adobe\arm\1.0\adobearm.exe
File version:
Size:167.5 KB (171,521 bytes)
Build date:2/23/2013 3:36 PM
Issued to:Adobe Systems
Authority (CA):VeriSign
Expiration date:Friday, September 20, 2013
Digital DNA
PE subsystem:Windows GUI
File packed:No
More details


Startup files (all users) run
Runs under the registry key 'HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run'
  • 'Adobe ARM' → "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
Scheduled tasks
  • The task 'Programma di aggiornamento online di Adobe' runs weekly in the path '\Programma di aggiornamento online di Adobe'
  • The task 'Program aktualizacji online firmy Adobe.' runs weekly in the path '\Program aktualizacji online firmy Adobe.'
  • The job 'Adobe 联机更新程序' runs weekly in the path '\Adobe 联机更新程序'
  • The task 'Adobe online aktualizační program' runs weekly in the path '\Adobe online aktualizační program'
  • The task 'Программа онлайн-обновления Adobe.' runs in the path '\Программа онлайн-обновления Adobe.'
  • The task 'Adobe 联机更新程序' runs weekly in the path '\Adobe 联机更新程序'
  • The job 'Programa de atualização online Adobe' runs weekly in the path '\Programa de atualização online Adobe'
  • The job 'Программа онлайн-обновления Adobe.' runs weekly in the path '\Программа онлайн-обновления Adobe.'
  • The task 'Adobe-Online-Aktualisierungsprogramm' runs weekly in the path '\Adobe-Online-Aktualisierungsprogramm'
  • The task 'Programme de mise à jour en ligne de Adobe' runs weekly in the path '\Programme de mise à jour en ligne de Adobe'
  • The task 'Adobe Reader and Acrobat Manager' runs weekly in the path '\Adobe Reader and Acrobat Manager'
  • The job 'Adobe ARM' runs on logon in the path '\Adobe ARM'
  • The job 'Programa de actualización online de Adobe' runs weekly in the path '\Programa de actualización online de Adobe'
  • The task 'Adobe online update program' runs weekly in the path '\Adobe online update program'
  • Entry path '\Программа онлайн-обновления Adobe.'
  • Entry path '\Programa de atualização online Adobe'
  • Entry path '\Adobe Reader and Acrobat Manager'
  • Entry path '\Programa de actualización online de Adobe'
  • Entry path '\Programma di aggiornamento online di Adobe'
  • Entry path '\Adobe-Online-Aktualisierungsprogramm'
  • Entry path '\Programme de mise à jour en ligne de Adobe'
  • Entry path '\Adobe オンライン更新プログラム'
Scheduled tasks startups
Set to load on user login (bypasses Windows UAC if enabled)
  • Login entry path '\Adobe ARM'
Windows firewall allowed programs
Exceptions allow programs to access to the Internet through an outbound connections
  • Firewall exception for 'C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe'

MalwareMalware detections

Based on 40+ industry antivirus scanners, 29 of them detected the following malware.
Antivirus engineEngine versionDetection
Agnitum Trojan.DR.Agent!+rHkLDaGflI
AhnLab V3 Internet Security 2013.04.09 Malware/Win32.Generic
Avira AntiVir TR/Dropper.Gen
avast! 6.0.1289.0 Win32:Malware-gen
AVG 2014.0.3629 Dropper.Generic7.BUKT
BitDefender 7.2 Gen:Variant.Barys.2605
CAT Quick Heal Trojan.Injector
Commtouch W32/Trojan.BWMD-0026
Comodo Internet Security 15862 UnclassifiedMalware
Dr.Web Trojan.AVKill.28851
Emsisoft Anti-Malware Trojan.MSIL.Injector (A)
ESET NOD32 7.8206 a variant of MSIL/Injector.AFM
Fortinet MSIL/Kryptik.GVV!tr
F-Secure 11.0.19020.35 Gen:Variant.Barys.2605
G Data 13.10.22 Gen:Variant.Barys.2605
Ikarus T3. Trojan-PWS.MSIL
K7 AntiVirus 9.164.8482 Riskware
Kaspersky HEUR:Trojan.Win32.Generic
Kingsoft 2013.1.8.219 Win32.Troj.Undef.(kcloud)
McAfee 5.400.1158 Suspicious Resource!msil
McAfee Gateway Anti-Malware v2012.1-dat RDN/Generic Dropper!ez
Microsoft Security Essentials 1.9302.0 VirTool:MSIL/Injector.CT
Norman 7.00.22 Suspicious_Gen4.CMSLF
Panda Antivirus Trj/OCJ.D
Sophos 4.87.0 Mal/Generic-S
Symantec 20121.3.0.76 WS.Reputation.1
Trend Micro 9.740.0.1012 TROJ_GEN.RCBCFC6
Trend Micro HouseCall 9.700.0.1001 TROJ_GEN.R47CPCI
VIPRE Antivirus 16678 Trojan.Win32.Generic!BT

Windows OS versionsDistribution by Windows OS

OS versiondistribution
Windows 7 Home Premium 39.00%
Windows 7 Ultimate 14.00%
Windows 8.1 11.00%
Windows 7 Professional 8.00%
Microsoft Windows XP 5.50%
Windows 8 4.00%
Windows 8.1 Single Language 2.50%
Windows 8 Pro 2.50%
Windows Vista Home Premium 2.00%
Windows 8.1 Pro 1.50%
Windows 8.1 N 1.50%
Windows 8 Single Language 1.50%
Windows 7 Home Basic 1.00%
Windows 8.1 Pro with Media Center 1.00%
Windows 8.1 Pro Preview 1.00%
Windows Vista Home Basic 1.00%
Windows 7 Starter 1.00%
Windows 8.1 Enterprise 1.00%
Windows 8 Enterprise N 0.50%
Windows 8 Enterprise 0.50%

Distribution by countryDistribution by country

United States installs about 46.73% of Adobe Reader and Acrobat Manager.

OEM distributionDistribution by PC manufacturer

PC Manufacturerdistribution
Dell 19.42%
Hewlett-Packard 15.11%
ASUS 15.11%
Toshiba 12.95%
Acer 9.71%
Lenovo 7.91%
Sony 5.04%
Intel 3.60%
Samsung 3.24%
Compaq 2.88%
Medion 0.72%
Gateway 0.72%
MSI 0.72%
American Megatrends 0.72%
NEC 0.72%
Alienware 0.36%
Sahara 0.36%
Should I remove It? Clean your PC of unwanted adware, toolbars and bloatware.

Download it for FREE